Datto RMM 11.2.0 release notes
Schedule*
| Platform | Date | From (UTC) | To (UTC) | Duration |
|---|---|---|---|---|
| Syrah (APAC) | Tuesday, October 11, 2022 | 10:00 | 13:00 | 3 hrs |
| Zinfandel (US West) | Wednesday, October 12, 2022 | 08:00 | 11:00 | 3 hrs |
| Concord (US East) | Thursday, October 13, 2022 | 08:00 | 11:00 | 3 hrs |
| Merlot (EU2) | Thursday, October 13, 2022 | 17:00 | 20:00 | 3 hrs |
| Vidal (US East) | Monday, October 17, 2022 | 08:00 | 11:00 | 3 hrs |
| Pinotage (EU1) | Monday, October 17, 2022 | 17:00 | 20:00 | 3 hrs |
NOTE *The schedule is subject to change. Please check the Status Page for regular updates.
IMPORTANT This is a full platform and Agent release; therefore, partners should expect brief disconnections of the Agent during the update window.
About the release
The 11.2.0 release is the tenth of our twelve monthly releases planned for 2022. Please see below for the highlights, along with the full list of fixes and improvements. As always, we look forward to your feedback as we continue to improve the product every single month.
Video
VIDEO Datto RMM 11.2.0 Release Overview
Join Community Program Manager Melissa Hockenberry and Senior Director of Product Management Matthé Smit as they provide a quick overview of the Datto RMM 11.2.0 release featuring new Endpoint Security tools, dashboard widgets, hardware and software audit lists, and ComStore integrations with RocketCyber and RapidFire Tools.
Endpoint Security
We’ve made the following significant improvements to make it easier to keep endpoints secure and respond to active threats:
- New Endpoint Security policy. Deploy and configure various endpoint security technologies. Currently, this feature supports Windows Defender Antivirus and Datto RMM Ransomware Detection. Refer to Endpoint Security policy.
- Windows Defender Antivirus configuration management. Enforce a more secure configuration for Windows endpoints. This feature allows you to configure attack surface reduction rules and scan schedules among other things. Refer to Managed Windows Defender Antivirus.
- New Endpoint Security card. View a comprehensive status of all security solutions for a device with the ability to drill into the details of a managed antivirus product. Currently, Windows Defender Antivirus is supported. Refer to Endpoint Security.
- New device isolation actions. These actions will respond to security threats. When Ransomware Detection is active, a device can be isolated (and reverted from isolation) directly from the Endpoint Security card. Refer to Endpoint Security.
- New Managed Windows Defender Status dashboard widget. Refer to Managed Windows Defender Status. This widget is similar to the recently added Ransomware Status widget.
Hardware and software audit lists
You can now access overviews of audited hardware and software globally or per site:
- New Hardware and Software pages. These pages are accessible from the Global section and Sites section (upon selecting a site) in the left navigation menu.
- Show or hide installed software versions. Gain control over the level of detail displayed.
- Filtered list of devices. Access using the hyperlink in the Total device(s) column.
Refer to Software and Hardware.
Hardware
Software
Alerts Over Time dashboard widget
You can now view the number of alerts raised over time in a line graph widget for trend analysis, including the following functionality:
- Adjust the number of days. Focus or widen the time frame displayed.
- Show or hide lines by alert type. Show only what is important to you.
- Detailed alert list. Click through to a more detailed list to continue investigating.
Refer to Alerts Over Time.
Improvements to Filters and Groups
We have made the following improvements to device filter and group usability to lay foundations for further enhancements in upcoming releases:
- Device filters and groups now on separate pages. This improvement will allow for quick filters to be added in the next release.
- Clicking filter names now shows results. Eliminate the need to navigate via the detail pane.
- New filter action column. Opens the detail pane and allows for editing or deleting.
Refer to Device Filters and Groups.
Improvements to policy management
We have made the following improvements to policy lists:
- Full-page policies list. Accessible from the Policies card on the Device Summary page, this full-page table allows for more detailed analysis and easier management of policy configurations.
- Enable or disable policies. Available in all list views, this feature provides better visibility and more seamless configuration.
Refer to List of policies in Policies.
TLS 1.0 and TLS 1.1 deprecation
Following the 11.2.0 release, to improve security, the Datto RMM platform will stop allowing communication using the deprecated TLS 1.0 and TLS 1.1 protocols. This change, originally targeted for 10.8.0, will prevent agents that still rely on .NET 4.0 from communicating with the platform.
Impact
Devices supporting TLS 1.2, such as Windows 6.1 and newer Windows environments that have .NET Framework 4.0 installed, will continue to be supported. This includes Windows 7, Server 2008 R2, and newer.
Devices that are configured to communicate using versions of TLS below 1.2, such as those operating on Windows NT 6.0 or older, are no longer supported. This encompasses the Windows Vista and Server 2008 family of operating systems.
Other devices such as those running Linux or macOS may require configuration changes, updates, or upgrades in order to communicate using TLS 1.2 if they are no longer connecting to the Datto RMM platform.
Legacy Windows devices that are no longer supported can be identified using the following filter: Operating system contains 5.0 OR 5.1 OR 5.2 OR 6.0. Refer to Device Filters and Filter criteria definitions.
For more information, refer to this Kaseya Community post.
Other New UI updates
- Applied column filters. Now shown for components and the ComStore. Refer to The components table and Browsing the ComStore.
- Using the Enter key in Global Search. View Global Search results in all categories except General. Refer to Global search.
- Empty Global Search results now clearly identified in quick results. Refer to Global search.
Additions to the ComStore
We release new ComStore components and update existing ones every month. Notable ComStore additions this month include the following:
- Integrations with RocketCyber and RapidFire Tools. For details, refer to the next section, New ComStore integrations.
- Get/Set Default Browser (Windows). Audit and select the default browser for the logged-in user.
- Silent Knight (macOS). Uses the command-line version of Silent Knight to perform a series of security checks on a macOS device.
- PowerShell Version Audit (Windows). Discover at a glance what versions of Windows PowerShell your devices are running and which components they are compatible with.
NOTE To access a full list of ComStore components, refer to List of ComStore components.
New ComStore integrations
RocketCyber
We are pleased to announce that Datto RMM now allows users to deploy the RocketCyber Agent onto their Windows devices using the recently released ComStore component. Integrating even adds a UDF linking directly to the RocketCyber interface from Datto RMM for a round-trip integration experience.
RapidFire Tools: Network Detective and Compliance Manager
With a single component, Datto RMM now allows Network Detective, Compliance Manager, and Compliance Manager GRC scans to be scheduled on Windows devices.
You will need to provide your VSA connector ID to use this integration.
Updates since the last release
| Type | Summary |
|---|---|
| Fix | We resolved an issue in Software Management on macOS which could cause the trusted process to over-utilize system resources and multiple system_profiler processes to spawn. |
| Fix | We resolved an issue where users with security levels configured to access only Site Groups could not use the New UI without access to Sites, as well. |
| Fix | In the Recent Alerts widget, the Site column and Hostname column values no longer change from site name to site UID when maximized to full screen. |
| Fix | The Recent Alerts widget no longer loses the page navigation and window scrolling controls when the widget is resized. |
| Fix | In the Recent Alerts widget, data in the Message column is now truncated to maintain usability. The full message remains available in the tooltip. |
Want to know what's coming next?
Interested in what we’re currently working on and the broader roadmap? Check out this post in the Kaseya Community for more information on our broader roadmap vision, what we’re currently working on, and priorities for upcoming releases!
List of improvements and fixes in this release
New UI
| Type | Summary |
|---|---|
| Feature | Device filters and groups now exist on separate pages. Refer to Device Filters and Groups. |
| Fix | When creating or editing a component in the New UI, post conditions now match the conventional order used in the legacy UI. Refer to Post-conditions. |
| Fix | When Windows Defender Antivirus or Webroot SecureAnywhere action buttons are unavailable (grayed out) in light mode, they are now correctly marked as unavailable in dark mode. |
Autotask Integration
| Type | Summary |
|---|---|
| Fix | The Open in PSA action button is now available for Autotask authenticated users that are assigned to security levels with the Integrations permission set to None or View in the New UI. |
| Fix | We resolved an issue that prevented some Ransomware Detection alerts from successfully creating tickets through the Autotask Integration. |
| Fix | The Autotask Integration is no longer sending misleading emails stating that a ticket was not created after a ticket was created successfully. |
| Fix | New devices will now synchronize to Autotask much more quickly after the initial device audit. |
| Fix | We resolved a release-related Autotask Integration issue preventing tickets from being raised from Event Log monitor alerts. |
Splashtop
| Type | Summary |
|---|---|
| Foundation | The Splashtop Streamer for Windows has been updated to version 3.5.2.1. Refer to Current Splashtop Streamer versions. |
| Foundation | The Splashtop Streamer for macOS has been updated to version 3.5.2.0. Refer to Current Splashtop Streamer versions. |
Agent
| Type | Summary |
|---|---|
| Feature | The Agent will now attempt to repair the Windows WMI repository and re-run an audit if it detects a failure during a full audit or delta audit. |
| Foundation | Additional context for connectivity has been added to the Agent log to enhance troubleshooting work around connection errors. |
Agent communication
| Type | Summary |
|---|---|
| Fix | More information has been added to Agent logging to aid troubleshooting if a device unexpectedly loses its UID, causing it to gain a new UID and create a duplicate device within a site. |
Agent update
| Type | Summary |
|---|---|
| Fix | The Agent will now perform an additional check for policies when it starts up and connects to the platform. Refer to Policy membership recalculation. |
Audit
| Type | Summary |
|---|---|
| Fix | Unaudited devices are no longer displayed as being 32-bit architecture in the New UI. |
| Fix | The available memory for Windows devices with a mixture of onboard and modular RAM are now accurately reported. |
| Fix | MacBook Air and MacBook Pro devices with M2 processors are now correctly identified by device type during audit. |
ComStore
| Type | Summary |
|---|---|
| Feature | Several usability improvements have been made to the ComStore page:
Refer to Browsing the ComStore. |
Components
| Type | Summary |
|---|---|
| Feature | Several usability improvements have been made to the Component Library page:
Refer to The components table. |
Credentials
| Type | Summary |
|---|---|
| Fix | We now prevent entering SNMPv3 credentials passwords fewer than 8 characters long, as this is a compatibility requirement for the Agent. Refer to SNMP credentials. |
| Fix | We resolved an issue preventing SNMPv3 credentials from saving if the authentication type None is selected. |
Dashboard
| Type | Summary |
|---|---|
| Feature | You can now access a line graph displaying alerts created over time from the Widget Library. Refer to Alerts Over Time. |
End user experience
| Type | Summary |
|---|---|
| Fix | In the event that a corrupted or non-supported custom branding icon is configured for end user ticketing, we will now display the default icon instead of failing to render the pop-up or submit the user ticket. |
Filters
| Type | Summary |
|---|---|
| Feature | Several usability improvements have been made to device filter lists:
Refer to List of filters in Device Filters. |
| Fix | It is now possible to use Custom Device Filters, to which a user has access, as policy targets in the legacy UI. Refer to Managing policies - Legacy UI. |
Global search
| Type | Summary |
|---|---|
| Feature | Searches returning no results are now clearly identified in the quick results. Refer to Global search. |
| Feature | It is now possible to use the Enter key to view results in all search categories except General. Refer to Global search. |
| Feature | The cursor now focuses on the search input field when selecting a new category with the mouse in the same way it currently works with keyboard navigation. Refer to Global search. |
Groups
| Type | Summary |
|---|---|
| Fix | In the New UI, users with the administrator security level can now see all site groups created by both administrator and non-administrator users. |
Hardware
| Type | Summary |
|---|---|
| Feature | You can now view a list of hardware at the global level. Refer to Hardware. |
| Feature | You can now view a list of hardware at the site level. Refer to Hardware. |
Jobs
| Type | Summary |
|---|---|
| Fix | We no longer prevent scheduling Patch Management, Software Management, and Monitoring Maintenance Window policy windows at a start time sooner than the UTC offset of the policy author's machine. Refer to Patch Management policy (New UI), Specify the policy details for a Patch Management policy (legacy UI), Software Management policy (New UI), Create a Software Management policy (legacy UI), and Specify the policy details for Monitoring Maintenance Window policy (legacy UI). |
Legacy UI
| Type | Summary |
|---|---|
| Foundation | To improve platform performance, we no longer poll for or display the maintenance mode icon on device list pages in the legacy UI. Refer to Creating a Monitoring Maintenance Window policy - Legacy UI. |
Network topology
| Type | Summary |
|---|---|
| Foundation | Network Discovery from the New UI is now restricted to private networks only, as defined in RFC1918. |
Platform backend
| Type | Summary |
|---|---|
| Fix | We resolved an issue causing delays or failures in the sending of job alert emails. |
| Foundation | We improved the performance of software audit storage and associated change logs by removing entries that are no longer in use. |
| Foundation | We resolved issues that delayed the refresh of policies when a device is first onboarded or moved from site to site. |
| Foundation | To improve performance, device alerts are now purged when a device is deleted from the platform. Refer to Alerts, Deleting a device, Manage alerts - Legacy UI (legacy UI), and Deleting devices - Legacy UI (legacy UI). |
Policy management
| Type | Summary |
|---|---|
| Feature | A full-page policy list is now available at the device level. Refer to List of policies in Policies. |
| Feature | Policies can now be enabled or disabled from the list view at the global and site levels. Refer to Enabled in Column Chooser - Policies. |
| Feature | It is no longer possible to define an invalid duration of 0 hours when creating or editing a Software Management policy. Refer to Duration in Software Management policy. |
| Fix | Event Log monitors now accurately display the ...is raised/not raised {value} time(s) in a period of {value} minutes criteria for configured monitors in the New UI. |
| Fix | In the Calendar view (yearly outlook) in the New UI, the dot used to denote scheduled dates will no longer occasionally appear on the day before the scheduled start date. |
Ransomware Detection
| Type | Summary |
|---|---|
| Fix | Titles and descriptions in tickets raised in Autotask from Ransomware Detection alerts will now be truncated as necessary to ensure that ticket creation failures do not occur from exceeding the character limit of those fields. |
Reports
| Type | Summary |
|---|---|
| Fix | Web Remote actions are now included in results when the Activity Log or the Device Activity report is filtered by Remote Takeover. Refer to Activity Log (New UI), Reports, and Reports - Legacy UI (legacy UI). |
| Fix | The Device Monitor Status report now supports SNMP table monitors. |
Security levels
| Type | Summary |
|---|---|
| Fix | We resolved an issue that prevented access to RDP from the New UI for users that do not have the PowerShell tool enabled in their security level. Refer to Remote control tools. |
Software
| Type | Summary |
|---|---|
| Feature | You can now view a list of installed software at the site level. Refer to Software. |
| Feature | You can now view a list of installed software at the global level. Refer to Software. |
| Feature | The Applications card on the Device Summary page has been renamed to Software to align with the global- and site-level software pages. Refer to Software in Device Summary. |
Webhooks
| Type | Summary |
|---|---|
| Fix | To prevent the loss of changes to policy configurations, a monitor that has unsaved edits will now prompt the user to save the policy or discard edits before opening another monitor within the policy. Refer to Editing a monitor within a policy. |
ComStore updates
IMPORTANT This table does not list updates for components that are installed via Software Management.
NOTE To access a full list of ComStore components, refer to List of ComStore components.
| Component Name | Platform | New/Updated | Description |
|---|---|---|---|
| Agent Health Direct-Check | Windows | Updated | The DLL clash issue was de-prioritized from error to notice. |
| Azure Active Directory Audit | Windows | New | |
| Disk Space Monitor | All | Updated | Better handling of disk space readouts for Linux devices. |
| ESXi VM Snapshot Monitor | Windows | Updated | Improved output when VM information is not available. |
| Get/Set Default Browser | Windows | New | |
| Install updates | macOS | Updated | Made clearer in StdOut that update runs sometimes need to be performed multiple times. |
| Intel EMA Configuration | Windows | New | |
| PowerShell Version Audit | Windows | New | |
| RocketCyber Agent | Windows | New | |
| SilNite (Silent Knight) Scan | macOS | New | |
| RapidFire Tools: Compliance Manager (GRC)/Network Detective Scan | Windows | New | |
| Sophos Central | Windows | Updated | Vendor update. |
| Monitor BitLocker State | Windows | Updated | Refer to the CyberDrain Components tab of the spreadsheet in the following topic: List of ComStore components. |
| Monitor Dell Driver Updates (DCU 4.6) | Windows | Updated | |
| Monitor Internet Speed | Windows | Updated |
